1. Field
The present inventive concept is directed in general to communications systems and methods to operate same. In one feature, the present disclosure relates to the methods, systems and devices to authenticate a user of a computer by using a handheld electronic device.
2. Description of the Related Art
Technical advances in communication systems now allow mobile devices to be used in a variety of remote monitoring applications. For example, mobile device hardware and software have been developed to support various healthcare applications. But with remote monitoring systems, there must be an authentication process provided to prevent the misuse of the system by confirming the identity of the entity involved in the process. Authentication systems that have been developed to withstand identity-theft attacks typically use enhanced shared-secret and/or multifactor authentication techniques which employ a compound implementation of two or more classes of human-authentication factors:                1. Something the user knows (e.g., knowledge-based information, such as password, pass phrase, shared secrets, account details and transaction history, PIN, CAPTCHA, and so on);        2. Something the user has (e.g., possession-based information, such as ATM card, security token, smart card, shared soft tokens, mobile device, and so on); and        3. Something the user is (e.g., identity-based information, such facial recognition, fingerprint, voice recognition, keystroke dynamics, signature, and so on).        
Many existing enterprise extranet/VPN solutions require both simple knowledge-based credentials (such as ID and password) and hardware tokens (such as secure ID with time-based one-time password generators, smart cards that use embedded PKI solutions, and so on) in order to gain access. And when the third factor is required, existing solutions typically require that attributes of the third factor be captured and incorporated into the solution before the system is deployed for that user (e.g., typically at the time of registration or enrollment). Even with multifactor authentication techniques, identity theft attacks remain a significant challenge, especially in applications such as healthcare where the management and control of access to confidential and sensitive data raises vital privacy concerns. While identity theft attacks can be prevented by using strong digital signatures, such solutions often require additional complexity, thereby compromising usability and ubiquity.
Accordingly, a need exists for improved authentication method, system and device to overcome the problems in the art, such as outlined above. Further limitations and disadvantages of conventional processes and technologies will become apparent to one of skill in the art after reviewing the remainder of the present application with reference to the drawings and detailed description which follow.